<?php
    /**
    * Cases Save Acting
    */
    if (!defined('EXPONENT')) exit('');
    if (exponent_users_isAdmin() ||  exponent_permissions_check(array("administrate","upload"),exponent_core_makeLocation("profilemodule","_syscore","")))
    {
        $cases=null;
        if (isset($_REQUEST['cases_id']))
        {
            $cases=$db->selectObject('profilemodule_cases','id='.intval($_REQUEST['cases_id']));
        }
        
        $cases->name = $_REQUEST['cases_name'];
        if (!isset($cases->id))
        {
            $cases->poster = $user->firstname." ".$user->lastname."(".$user->username.")";
            $cases->user_id = $_REQUEST['user_id'];
            $cases->post_date = time();
        }
        $cases->last_update = time();
        $cases->last_update_by = $user->firstname." ".$user->lastname."(".$user->username.")";
        $cases->file_video = ($_REQUEST['videofile']);
        $cases->file_pdf =  ($_REQUEST['pdffile']);

        if (isset($cases->id)) {
            $db->updateObject($cases,'profilemodule_cases');
        } else 
        {
            $cases->id = $db->insertObject($cases,'profilemodule_cases');
        }
        echo "OK";
    }
    else
        exponent_http_error(403);

?>
